It's all spinning wheels and self-doubt until the first pot of coffee.

A Curmudgeon Playing with the CodeIgniter Framework and OpenID

One bit of hackery I did this weekend was to explore the CodeIgniter PHP framework, which is even less magic yet more glued-together out of the box than the Zend Framework. Also, very much less magic than CakePHP and barely in the same universe as Symfony. I think I may have found my sweet spot of simplicity and comprehensible magic.

CodeIgniter has is a PHP 4 / 5 framework that provides a lightweight Model / View / Controller arrangement with URL routing and a useful but minimal constellation of utility classes and helpers. The view templates are in PHP, with just a bit of pre-processing. The controllers are plain-old PHP classes whose methods are called via simple URL routes.

The model layer of CodeIgniter, however, is the weakest part of the trio - which I actually like a lot. It's not a magical ORM - instead it's just a simple superclass from which to derive, mostly there to suggest that a separate model is a good thing to write. The DB abstraction classes just make the job of writing SQL statements easier and don't pretend that there's no impedance mismatch between objects and relational tables.

The depth of code in CodeIgniter is shallow enough that I felt I was able to get into developing quickly while still taking side trips through the framework methods I was calling and get at least a glance at what being taken care of for me. There's always danger in magic, but this stuff doesn't really get out of hand.

To doodle around with an idea, I threw together a layout decorator class to support the sort of nested templates I'm used to from Symfony. Out of the box, CI views are simple, offering facilities for calling sub-templates and "partials" but not directly providing conventions for such. My first swatches of code add a bit of that.

After playing around with layouts, the next thing I did was to use CI sessions and the PHP OpenID Library to develop both an auth producer and consumer. CodeIgniter doesn't come with a ready-made user auth system, though it does come with its own implementation of sessions using encrypted browser cookies to replace PHP's native sessions - another feature I really like.

Kind of odd - but on the same toy app I can sign up for local accounts, sign into other sites with OpenID URLs based on local accounts, and sign into my CI app with external OpenID identities.

The wild bit is that I can even sign in locally with one OpenID URL, then use the newly created local profile to get a second OpenID URL to sign in somewhere else. Seems interesting yet possibly dangerous. I mostly just glued the right parts together and got the Auth_OpenID black-box modules working - now that I have an operational OpenID system, I need to study it further.

Archived Comments

Hmm, a system that treats its own OpenIDs just like any other OpenID and considers them foreign credentials for which it creates a new account seems… weird. It seems it should recognize its own OpenIDs and map them back to the corresponding username.